-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 According to Jim Meyering on 4/22/2008 5:13 PM: |>> If security isn't enough of an argument, you can consider this yet another |>> reason not to put "." early in your PATH. Please consider removing |>> "." from your PATH altogether.
| | Besides, I recognize that no system is immune from risk. | I.e., a bug in my browser may allow malicious code to create | that /tmp/ls file you mentioned. I personally like having . in my PATH on systems I manage, but only at the end and never first, so I can guarantee that any important program (like /bin/ls) cannot be inadvertently replaced by a malicious /tmp/ls. - -- Don't work too hard, make some time for fun as well! Eric Blake [EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Cygwin) Comment: Public key at home.comcast.net/~ericblake/eblake.gpg Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkgOwroACgkQ84KuGfSFAYANfACgn04WGKCqJ+shKYcKvvbFc8X/ txgAn3JTJWtntANLifoj2gKzhWsqyBwU =Nu2/ -----END PGP SIGNATURE----- _______________________________________________ Bug-coreutils mailing list Bug-coreutils@gnu.org http://lists.gnu.org/mailman/listinfo/bug-coreutils
